Presentation transcript: Firewall COSC 513 By Lerraj Khommeteeyuthakan

1 Firewall COSC 513 By Lerraj Khommeteeyuthakan

2 Introduction to Firewall
- A method for keeping a network secure
- Firewall is an approach to security
- Helps implement a larger security policy
- To control access to or from a protected network

3 The Firewall Concept

4 The Firewall Concept
- A firewall system can be a router
- A personal computer
- A host, or a collection of hosts
- Firewall set up specifically to shield a site or subnet from protocols and services that can be abused from hosts outside the subnet

5 The Firewall Concept
- A firewall system is usually located at a higher-level gateway
- Firewall systems can be located at lower-level gateways to provide protection for some smaller collection of hosts or subnets

6 Why Firewalls
- Protection from Vulnerable Services
- Controlled Access to Site Systems
- Concentrated Security
- Enhanced Privacy
- Logging and Statistics on Network Use, Misuse
- Policy Enforcement

7 Protection from Vulnerable Services
- A firewall can greatly improve network security
- Reduce risks to hosts on the subnet by filtering inherently insecure services
  - Only selected protocols will be able to pass through the firewall

8 Controlled Access to Site Systems
- Provides the ability to control access to site systems
- Prevent outside access to its hosts except for special cases such as mail servers or information servers

9 Enhanced Privacy
- Privacy is of great concern to certain sites
- Using a firewall, some sites wish to block services such as finger and Domain Name Service
- finger displays information about users such as their last login time and whether they have read their mail
- finger could leak information to attackers about how often a system is used, and whether the system could be attacked without drawing attention
- Firewalls can also be used to block DNS information about site systems
- The names and IP addresses of site systems would not be available to Internet hosts

10 Logging and Statistics on Network Use, Misuse
- A firewall can log accesses and provide valuable statistics about network usage
- A firewall can raise alarms when suspicious activity occurs
- Provides details on whether the firewall and network are being probed or attacked
- It is important to collect network usage statistics
  - Network usage statistics are also important as input into network requirements studies and risk analysis activities

11 Policy Enforcement
- Firewall provides the means for implementing and enforcing a network access policy
- Provides access control to users and services
- A network access policy can be enforced by a firewall
- Without a firewall, a policy depends entirely on the cooperation of users

12 Issues and Problems with Firewalls
- Restricted Access to Desirable Services
- Large Potential for Back Doors
- Little Protection from Insider Attacks

13 Restricted Access to Desirable Services
- The most obvious disadvantage of a firewall is that it blocks certain services that users want
  - blocked services include TELNET, FTP, X Windows, NFS (Network File System)
- Network access could be restricted at the host level instead

14 Large Potential for Back Doors
- Firewalls do not protect against back doors into the site
- If unrestricted modem access is still permitted into a site protected by a firewall, attackers could effectively jump around the firewall
- Modem speeds are now fast enough to make running SLIP (Serial Line IP) and PPP (Point-to-Point Protocol) practical; a SLIP or PPP connection inside a protected subnet is in essence another network connection and a potential back door

15 Little Protection from Insider Attacks
- Firewalls generally do not provide protection from insider threats.
- While a firewall may be designed to prevent outsiders from obtaining sensitive data, the firewall does not prevent an insider from copying the data onto a tape and taking it out of the facility.

16 Firewall Components
- network policy
- advanced authentication mechanisms
- packet filtering
- application gateways

17 Network Policy
- The higher-level policy is an issue-specific, network access policy that defines those services that will be allowed or explicitly denied from the restricted network
- The lower-level policy describes how the firewall will actually go about restricting the access and filtering the services that were defined in the higher-level policy

18 Advanced Authentication
- Smartcards, authentication tokens, biometrics, and software-based mechanisms are designed to counter the weaknesses of traditional passwords
- The passwords generated by advanced authentication devices cannot be reused by an attacker who has monitored a connection
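As an added illustration of the replay-resistance point on slide 18 (example code written for this transcript, not part of the original slides), the following Python implements an HMAC-based one-time password (RFC 4226, the scheme behind many authentication tokens) together with the server-side verifier that advances a per-user counter. A code captured from a monitored connection is accepted once and rejected when presented again. The shared secret (the RFC 4226 test-vector value), the user name and the look-ahead window are constructed for this example.

```python
import hashlib
import hmac
import struct
from typing import Dict, Tuple

# Constructed shared secret: the RFC 4226 test-vector value, used here only for illustration.
DEMO_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Compute an HMAC-based one-time password as specified in RFC 4226."""
    msg = struct.pack(">Q", counter)                        # 8-byte big-endian counter
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                              # dynamic truncation offset
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server side: remembers the next unused counter per user, so a code an
    eavesdropper captured from the wire cannot be presented a second time."""

    def __init__(self, secrets: Dict[str, bytes], look_ahead: int = 3):
        self.secrets = secrets
        self.counters = {user: 0 for user in secrets}
        self.look_ahead = look_ahead   # tolerate a few token presses that never reached the server

    def verify(self, user: str, code: str) -> bool:
        secret = self.secrets.get(user)
        if secret is None:
            return False
        start = self.counters[user]
        for c in range(start, start + self.look_ahead):
            # constant-time comparison avoids leaking how many digits matched
            if hmac.compare_digest(hotp(secret, c), code):
                self.counters[user] = c + 1    # burn this counter and any skipped ones
                return True
        return False


def demo_replay() -> Tuple[bool, bool]:
    """The token emits a code; it is accepted once, then rejected on replay."""
    verifier = OtpVerifier({"alice": DEMO_SECRET})   # "alice" is a constructed user
    code = hotp(DEMO_SECRET, 0)
    first = verifier.verify("alice", code)
    replay = verifier.verify("alice", code)
    return first, replay


if __name__ == "__main__":
    print(demo_replay())   # (True, False)
```

The verifier never stores the code itself, only the counter it has already consumed; that is what makes an observed password worthless to the observer, in contrast to a static password that is valid every time it is sent.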

19 Advanced Authentication on a Firewall

20 Packet Filtering
- IP packet filtering is done with a packet filtering router, designed to filter packets as they pass between the router's interfaces
- A packet filtering router usually can filter IP packets on
  - source IP address
  - destination IP address
  - TCP/UDP source port
  - TCP/UDP destination port
- Used in a variety of ways to block connections from or to specific hosts or networks

21 Representation of Packet Filtering on TELNET and SMTP

22 Application Gateways
- Firewalls need to use software applications to forward and filter connections for services such as TELNET and FTP
- Such an application is referred to as a proxy service, while the host running the proxy service is referred to as an application gateway
- Application gateways and packet filtering routers can be combined to provide higher levels of security and flexibility than if either were used alone

23 Firewall Policy
- Policy was discussed in terms of a service access policy and a firewall design policy
  - includes decisions concerning host systems security
  - dial-in access
  - off-site Internet access
  - protection of information off-site
  - data communications security and others

24 What Should a Firewall Contain?
- Support a "deny all services except those specifically permitted" design policy
- Support your security policy
- The firewall should be flexible
- Should be able to accommodate new services and needs if the security policy of the organization changes

25 What Should a Firewall Contain?
- Should contain advanced authentication measures or should contain the hooks for installing advanced authentication measures
- Should employ filtering techniques to permit or deny services to specified host systems as needed
- The IP filtering language should be flexible and user-friendly to program
- Should filter on as many attributes as possible, including source and destination IP address, protocol type, source and destination TCP/UDP port, and inbound and outbound interface
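The packet filtering described on slide 20 and the "deny all services except those specifically permitted" design policy with the filtering attributes listed on slides 24 and 25 can be put together in one worked example. The Python below is added for this transcript and is not code from the original slides or from any firewall product: it models a first-match rule list over interface, protocol, source and destination address and destination port, with an implicit default deny. The site layout (protected subnet 192.0.2.0/24 with a mail server and a public web server) and all addresses are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY = None   # wildcard: the rule does not constrain this attribute


@dataclass(frozen=True)
class Packet:
    iface: str          # "inbound" (Internet -> site) or "outbound" (site -> Internet)
    proto: str          # "tcp", "udp", "icmp"
    src: str            # source IP address
    dst: str            # destination IP address
    sport: int = 0      # TCP/UDP source port (0 for protocols without ports)
    dport: int = 0      # TCP/UDP destination port


@dataclass(frozen=True)
class Rule:
    action: str                              # "permit" or "deny"
    iface: Optional[str] = ANY
    proto: Optional[str] = ANY
    src: Optional[str] = ANY                 # CIDR network
    dst: Optional[str] = ANY                 # CIDR network
    dport: Optional[Tuple[int, int]] = ANY   # inclusive destination-port range
    note: str = ""

    def matches(self, pkt: Packet) -> bool:
        if self.iface is not ANY and pkt.iface != self.iface:
            return False
        if self.proto is not ANY and pkt.proto != self.proto:
            return False
        if self.src is not ANY and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dst is not ANY and ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.dport is not ANY and not (self.dport[0] <= pkt.dport <= self.dport[1]):
            return False
        return True


def filter_packet(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """First matching rule wins; anything no rule explicitly permits is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.note
    return "deny", "default deny: no rule permitted this packet"


# Constructed site layout: protected subnet with a mail server (.25) and a web server (.80).
SITE_NET = "192.0.2.0/24"
RULES = [
    # Anti-spoofing: a packet arriving on the outside interface must not claim a site address.
    Rule("deny", iface="inbound", src=SITE_NET, note="spoofed site address on outside interface"),
    # The "special cases" of slide 8: services deliberately exposed to the Internet.
    Rule("permit", iface="inbound", proto="tcp", dst="192.0.2.25/32", dport=(25, 25), note="SMTP to mail server"),
    Rule("permit", iface="inbound", proto="tcp", dst="192.0.2.80/32", dport=(80, 80), note="HTTP to public web server"),
    # Site hosts may initiate connections to the Internet.
    Rule("permit", iface="outbound", src=SITE_NET, note="outbound from site"),
    # Everything else (TELNET, NFS, DNS queries from outside, ...) falls through to the default deny.
]

if __name__ == "__main__":
    for pkt in [
        Packet("inbound", "tcp", "198.51.100.7", "192.0.2.25", 40211, 25),    # mail delivery
        Packet("inbound", "tcp", "203.0.113.9", "192.0.2.10", 51001, 23),     # TELNET from outside
        Packet("inbound", "tcp", "192.0.2.5", "192.0.2.25", 40000, 25),       # spoofed source
        Packet("outbound", "tcp", "192.0.2.10", "198.51.100.80", 43000, 80),  # user browsing out
    ]:
        print(pkt.iface, pkt.proto, f"{pkt.src} -> {pkt.dst}:{pkt.dport}", filter_packet(RULES, pkt))
```

Because the list ends in a default deny, adding a new service means adding an explicit permit rule rather than trying to enumerate every dangerous port, which is the property slide 24 asks for.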

26 What Should a Firewall Contain?
- Should use proxy services for services such as FTP and TELNET
- Should contain the ability to centralize SMTP access, to reduce direct SMTP connections between site and remote systems
- Should accommodate public access to the site
  - such public information servers can be protected by the firewall
  - can be segregated from site systems that do not require the public access
- The firewall should contain the ability to concentrate and filter dial-in access

27 What Should a Firewall Contain?
- Should contain mechanisms for logging traffic and suspicious activity
- Should contain mechanisms for log reduction so that logs are readable and understandable.
- If the firewall requires an operating system such as UNIX, a secured version of the operating system should be part of the firewall
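Slide 10 says a firewall should show whether the network is being probed, and slide 27 asks for log reduction so the logs stay readable. The following Python example, added for this transcript and not part of the original slides, shows both on one small data set: it parses constructed firewall log lines, collapses every denied inbound packet into one summary row per source host, and flags a source that was denied on many distinct destination ports, which is what a probe of the site looks like from the firewall's side. The log format is a simple space-separated layout assumed for the example; real firewalls use their own formats, and only the parser would change.

```python
import re
from typing import Dict, List

# Constructed sample log lines (not from any real firewall) in the format assumed here:
# <timestamp> <action> <proto> <interface> <src>:<sport> -> <dst>:<dport>
SAMPLE_LOG = """\
2024-05-01T10:00:01 permit tcp inbound 198.51.100.7:40211 -> 192.0.2.25:25
2024-05-01T10:00:02 deny tcp inbound 203.0.113.9:51001 -> 192.0.2.10:23
2024-05-01T10:00:02 deny tcp inbound 203.0.113.9:51002 -> 192.0.2.10:21
2024-05-01T10:00:03 deny tcp inbound 203.0.113.9:51003 -> 192.0.2.10:111
2024-05-01T10:00:03 deny tcp inbound 203.0.113.9:51004 -> 192.0.2.10:6000
2024-05-01T10:00:04 deny tcp inbound 203.0.113.9:51005 -> 192.0.2.10:2049
2024-05-01T10:00:05 deny udp inbound 198.51.100.44:5353 -> 192.0.2.53:53
2024-05-01T10:00:06 permit tcp outbound 192.0.2.10:43000 -> 198.51.100.80:80
2024-05-01T10:00:07 deny udp inbound 198.51.100.44:5353 -> 192.0.2.53:53
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>permit|deny) (?P<proto>\w+) (?P<iface>\w+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_log(text: str) -> List[dict]:
    """Parse the assumed log format; lines the parser does not understand are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            records.append(m.groupdict())
    return records


def reduce_denies(records: List[dict]) -> Dict[str, dict]:
    """Log reduction: one summary row per source host for all denied inbound packets."""
    summary: Dict[str, dict] = {}
    for r in records:
        if r["action"] != "deny" or r["iface"] != "inbound":
            continue
        row = summary.setdefault(
            r["src"], {"count": 0, "dports": set(), "first": r["ts"], "last": r["ts"]}
        )
        row["count"] += 1
        row["dports"].add(int(r["dport"]))
        row["last"] = r["ts"]
    return summary


def flag_probes(summary: Dict[str, dict], min_ports: int = 4) -> List[str]:
    """A source denied on many distinct ports suggests the network is being probed;
    a source repeatedly hitting one port is more likely a misconfiguration or a
    blocked service. The threshold is a constructed tuning value."""
    return sorted(src for src, row in summary.items() if len(row["dports"]) >= min_ports)


def report(text: str) -> List[str]:
    """Readable report lines, busiest source first."""
    summary = reduce_denies(parse_log(text))
    probes = set(flag_probes(summary))
    lines = []
    for src, row in sorted(summary.items(), key=lambda kv: -kv[1]["count"]):
        tag = " PROBE?" if src in probes else ""
        lines.append(
            f"{src}: {row['count']} denied, ports {sorted(row['dports'])}, "
            f"{row['first']}..{row['last']}{tag}"
        )
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_LOG):
        print(line)
```

Nine raw lines reduce to two summary rows, and the distinction between "one host, many ports" and "one host, one port" is visible at a glance, which is the kind of input slide 10 wants for risk analysis and for deciding whether an alarm is warranted.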

28 What Should a Firewall Contain?
- The operating system should have all patches installed
- Should be developed in a manner that its strength and correctness are verifiable
- It should be simple in design so that it can be understood and maintained.
- The firewall and any corresponding operating system should be updated with patches and other bug fixes in a timely manner

29 To Buy or Build a Firewall
- Should first develop a policy and related requirements before proceeding
- If an organization is having difficulty developing a policy, it may need to contact a vendor who can assist in this process
- Understand the specifics of the design and use of the firewall

30 To Buy or Build a Firewall
- How will the firewall be tested
- Who will verify that the firewall performs as expected
- Who will perform general maintenance of the firewall, such as backups and repairs
- Who will install updates to the firewall such as for new proxy servers, new patches, and other enhancements
- Can security-related patches and problems be corrected in a timely manner
- Who will perform user support and training

31 Firewall Software
- McAfee Firewall
- Norton Internet Security 2000

